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(57) Abstract 

A cryptographic apparatus (10) for encrypting and decrypting digital words includes a mechanism that permits a ci- 
pher algorithm to be electronically stored after the manufacture of the apparatus. The storing mechanism includes at least 
one electrically erasable, programmable gate array (34, 36) containing a portion of the cipher algorithm and at least one 
random access memory device (32) coupled to the array for storing digital data generated by the algorithm. A mechanism 
(12) which is coupled to the gate array and memory device controls the execution of the algorithm for each digital word 
thereby decrypting encrypted digital words and encrypting non-encrypted digital words. 
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CRYPTOGRAPHIC METHOD AND APPARATUS WITH 
ELECTRONICALLY REDEFINABLE ALGORITHM 



Background of the Invention 



This invention is generally directed to the field of 
digital cryptographic devices and is more specifically 
15 directed to the architecture and method by which a cipher 
algorithm is stored in the cryptographic apparatus. This 
invention also addresses a method for manufacturing 
encrypted communications equipment in an unsecured 
environment as a result of the cipher algorithm being 
loaded into the encryption device after the manufacture 
of the equipment. 

In a typical encryption device, a secret key is 
utilized in conjunction with a cipher algorithm to 
encrypt and decrypt messages. The keys may be changed as 
frequently as desired in order to enhance security. 

The cipher algorithm which consists of the steps by 
which the message is encrypted and decrypted using a 
particular key is frequently protected in order to 
maintain high levels of security. If the algorithm is 

3 0 

known, it becomes easier to decipher a coded message 
since only the message and key are then unknowns. Thus 
it is important that the algorithm itself be protected 
for maximum security applications. 
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It is also important that the electronic circuits in 
which the algorithm resides be designed not to fail in a 
way which would compromise the message being 
communicated. Algorithms which are stored in logic 
hardware are easier to be made to "fail safe" than 
algorithms stored in software. The manufacture of logic 
hardware containing the cipher algorithms and equipment 
containing same is often strictly controlled. The 
manufacture of communications equipment containing such 
fixed encryption logic requires substantial additional 
procedures as compared with communications equipment that 
does not utilize encryption. This results in the need 
for strict controls and substantially increases 
manufacturing costs. 

Objects of the Invention 

It is an object of the present invention to provide 
an encryption apparatus having an architecture which 
permits the cipher algorithm to be electronically entered 
subsequent to the manufacture of the apparatus and 
subsequent to the manufacture of communications equipment 
utilizing the encryption apparatus. 

Another object of this invention is to provide an 
improved method for the. manufacture of encrypted 
communications equipment in which security control 
measures need not be utilized during the manufacture of 
such equipment. 

Brief Description of the Drawings 

Figure 1 is a block diagram of an embodiment, of an 
encryption device according to the present invention. 

Figure 2 is a block diagram of communications 
equipment incorporating the encryption apparatus in 
accordance with the present invention. 
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Detailed Description 

Figure 1 illustrates an enibodiinent 10 of a 
cryptographic apparatus in which the cipher algorithm can 
be electronically defined after its manufacture in 
accordance with the present invention. A sequence 
controller 12 shown to the left of the dashed line 
includes a program counter 14 having an output coupled by 
bus 16 to multiplexer 18. The output of multiplexer 18 
is coupled to an electronically erasable, programmable . 
array logic device (EEPAL) 20. Such EEPAL devices are 
commercially available and consist of a number of logic 
gates which can be electronically programmed to 
interconnect to each other to produce an output 
determined by a Boolean algebraic formula operating on 
the input data. As used herein, array logic devices do 
not include microprocessors. it is important that the 
array logic devices be electronically programmable and 
are preferably erasable to permit reprogramming . The 
output of device 2 0 is coupled by latch 2 2 to buffer 2 4 
and to latch 26. An output of device 2 0 also provides a 
clock input to program counter 14 which causes the 
counter to increment periodically and step through a 
preprogrammed number of steps. 

The general purpose of sequence controller 12 is to 
control the cyclic operation sequence of the remainder of 
the circuitry shown in Figure l, i.e. implement the 
cipher algorithm on a step by step basis. A common 
address bus 28 with communication port 2 9 and a data bus 
3 0 with communication port 31 establish digital 
communication paths with EEPAL 20, random access memory 
(RAM) device 32, and EEPAL's 34 and 36. RAM 32 is 
addressed by multiplexer 38 which selects between the 
output 16 of program counter 14 or address bus 28. Data 
is input to RAM 32 by data bus 30. The data information 
stored in a particular address is coupled from RAM 3 2 by 
latch 4 0 and buffer 4 2 to data bus 30. 
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EEPAL 34 has address and data inputs from the 
respective buses. The output from EEPAL 34 is coupled by 
latch 44 and buffer 46 to data bus 30. Similarly, EEPAL 
3 6 receives address and data inputs from the respective 
bus lines. Its output as determined by its particular 
gate configuration is coupled to data bus 3 0 by latch 48 
and buffer 50. its output is also coupled to latch 2 6 
and defines the encrypted digital output 52 at the end of 
the program sequence which is communicated to latch 2 6 
via the output of latch 22. 

The digital information to be encrypted is coupled 
by input 54 to buffer 56 which in turn couples the 
information to data bus 30. The digital information 
consists of digital words having one or more bits. it 
will be understood that the encryption of the input data 
by the encryption apparatus 10 must be accomplished prior 
to the input of the next information to be encrypted in 
order to maintain a real time message flow. Thus it will 
be apparent that the clock (not shown) which provides 
clock information to the elements shown in Figure 1 must 
be of a sufficient rate to allow the number of steps 
required by the cipher algorithm to be completed within 
the input time frame. 

One important aspect of the present invention is the 
ability to have the cipher algorithm defined after the 
manufacture of the hardware which will carry out the 
algorithm. The preferred embodiment shown in Figure i 
accomplishes this goal by the use of electronically 
erasable, programmable array logic devices and random 
access memory. After the manufacture of the encryption 
device 10 and its insertion into the communications 
equipment, an external device such as a microprocessor 
controlled computer is coupled to the address and data 
bus ports and is utilized to program the internal gate 
configurations of each EEPAL with a test algorithm and 
define initial test data stored in RAM 32. After testing 
is complete the communications equipment can be delivered 
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to the customer with the test program still in the 
encryption device so that the completed unit can be 
handled without the use of security measures. The 
customer would then load the encryption device with the 
cipher algorithm by use of a similar external computer. 

since the cipher algorithm can not be determined 
based on the test algorithm, it is not necessary to have 
strict security control of such equipment prior to the 
actual cipher algorithm being externally programmed. 
This permits the encryption hardware as well as equipment 
containing the hardware to be manufactured without a 
strict security control environment. 

In order to better understand the operation of the 
encryption apparatus 10, the following illustrative 
example is provided. An external computer which has been 
preprogrammed to define the EEPAL^s and load initial data 
into RAM is coupled to the address and data bus. The 
SEPAL'S are each sequentially programmed to perform a 
specific Boolean algebra function. A key and 
initialization data are stored in RAM 32. The apparatus 
is now ready to process incoming data on input 54 since 
it contains the desired cipher algorithm. 

The first input data byte or word is stored in RAM 
32. The key and the input data stored in RAM 3 2 are 
transferred as input data to EEPAL 3 4 which acts upon 
such data to produce a resulting output data Rl. The 
resulting data Rl is stored in RAM 32. The 
initialization data and the resulting data Rl are 
transferred from RAM 32 to EEPAL 3 6 which acts upon these 
inputs to produce output data F. This output data F is 
stored in RAM 3 2 and is substituted in the place of the 
initialization data so that it will be used in the place 
of same for the next input data to be encrypted. 
Simultaneously, the data F is transferred to latch 2 6 and 
is clocked out at line 52 as the encrypted output data. 
A repetitive process occurs for each new input data byte 
to produce a corresponding output encrypted data. 
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The above example illustrates a possible encryption 
application. It will be apparent that since RAM 3 2 is 
available, intermediate products can be stored and later 
used for subsequent calculations in a variety of ways 
depending upon the complexity of the mathematical 
functions used. Depending upon the level of security 
desired, the number of iterations required, and the speed 
at, which the encryption processed must occur, more or 
fewer EEPAL's can be used. 

Another advantage of the present invention resides 
in the use of the RAM 3 2 instead of an alternative 
storage device such as a shift register. The RAM can 
function as a programmable register thereby allowing the 
number of bytes which can be stored during any process to 
be varied within the ultimate capacity of the RAM. This 
adds a degree of security to such an apparatus since it 
increases the difficulty of determining the number of 
bytes or length of the calculations being used. 

The encryption apparatus of the present invention 
can also be contrasted with the use of a general purpose 
microprocessor or a more specialized digital signalling 
processor to accomplish a similar encryption technique. 
Although such alternatives could be used, the relatively 
complicated internal structure of the microprocessor 
makes such an alternative difficult to design to "fail 
safe"; that is, fail in an acceptable manner which 
protects the security of the message without compromising 
the algorithm being utilized. The more direct 
functioning apparatus in accordance with the present 
invention can be more easily protected and diagnosed in 
the event of a failure. 

Figure 2 illustrates communication equipment 
consisting of a two-way radio which incorporates the 
encryption apparatus 10 in accordance with the present 
3= invention. An antenna 60 couples signals carrying voice 
information to a duplexer and filter 62 which couples a 
received signal to mixer 64. The other signal to mixer 
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64 from oscillator 66 is mixed to produce a resulting 
intermediate frequency output 68. Conventional receiver 
circuits between 68 and demodulator 7 0 are not shown. 
The demodulator provides an output to multiplexer 72 
which routes the received encrypted signal as digital 
input 54 to the encryption device 10. The decrypted 
output 52 from the device 10 is coupled by multiplexer 74 
to digital to analog converter 76. The analog output 
from converter 76 is amplified by audio amplifier 78 
before being coupled to speaker 80. 

The signal received will have been encrypted by a 
corresponding encryption device 10 in a remote radio 
utilizing a corresponding cipher algorithm and key. In 
this example the recovered data is decrypted by device 10 
and converted to an analog signal to provide a clear text 
voice message to the listener. 

To transmit an encrypted message, a voice signal is 
coupled by microphone 82 to audio amplifier 84 whose 
output is converted into a digital signal by analog to 
digital converter 86. The output of this converter is 
coupled by multiplexer 7 2 to encryption device 10 which 
encrypts the input data and provides an output 52 coupled 
by multiplexer 74 to the modulator 88 in a transmitter. 
The conventional transmitter stages normally found 
between modulator 88 and power amplifier 90 are not 
shown. The amplified signal from amplifier 90 is coupled 
through filter 62 to antenna 60 where it is transmitted 
to a corresponding receiver having a similar encryption 
device 10. 

As previously explained, the manufacture of such a 
radio would require security and accounting procedures if 
the encryption device 10 contained the cipher algorithm 
during the manufacture of the radio. Since the present 
invention allows the cipher algorithm to be loaded at a 
later time, the radio including the encryption device 10 
can now be manufactured in a factory environment not 
subject to strict security measures. 
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Although a radio transceiver is shown in Figure 2 as 
incorporating the encryption device, it will be apparent 
that other communications equipment designed to carry 
voice or data, such as modems and secure telephones can 
5 equally use the encryption apparatus according to the 
present invention. 

Although an embodiment of the present invention has 
been described and illustrated herein, the scope of the 
invention is defined by the claims which follow. 
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1. A cryptographic apparatus for encrypting and 
decrypting digital words comprising: 

means for electronically storing a cipher algorithm, 
said storing means having at least one electrically 
programmable array logic device containing a portion of 
said algorithm and at least one random access memory 
device coupled to said logic device for storing digital 
data generated by said algorithm; and 

means coupled to said logic device and memory device 
for controlling the execution of said algorithm for each 
of said digital words thereby decrypting encrypted 
digital words and encrypting non-encrypted digital words. 
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2. The cryptographic apparatus according to 
claim 1 wherein said logic device is erasable. 

3. The cryptographic apparatus according to 
claim 2 wherein said logic device is electrically 

5 erasable. 

4. The cryptographic apparatus according to 
claim 1 wherein said controlling means comprises another 
electrically programmable array logic device. 

5. The cryptographic apparatus according to 
claim 1 further comprising common digital address and 
data buses coupled to said array logic device, memory 
device and said controlling means, said address and data 
buses each having a communication port that allows said 
array logic device, memory device, and controlling means 
to be programmed by an external programming device to 
execute the cipher algorithm. 

6. The cryptographic apparatus according to 
claim 4 further comprising common digital address and 
data buses coupled to said one array logic device, 
another array logic device, memory device and said 
controlling means, said address and data buses each 
having a communication port that allows said one logic 
device, another logic device, memory device, and 
controlling means to be programmed by an external 

25 programming device to execute the cipher algorithm. 

7. The cryptographic apparatus according to 
claim 1 wherein said controlling means does not include a 
microprocessor . 
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8. A two-way coininunication device comprising: 
means for demodulating received encrypted signals to 
provide inbound encrypted digital words; 

means for generating modulated signals corresponding 
to outbound encrypted digital words; 

cryptographic means for decrypting said inbound 
encrypted digital words and generating said outbound 
encrypted digital words from non-encrypted digital words, 
said cryptographic means comprising: 

means for electronically storing a cipher 
algorithm, said storing means having at least one 
electrically programmable array logic device containing a 
portion of said algorithm and at least one random access 
memory device coupled to said logic device for storing 
15 digital data generated by said algorithm; and 

means coupled to said logic device and 
memory device for controlling the execution of said 
algorithm for decrypting said inbound encrypted digital 
words and generating said outbound encrypted digital 
words based on non-encrypted digital words. 
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9. The communication device according to claim 

8 wherein said logic device is erasable. 

10. The coitmiunication device according to claim 

9 wherein said logic device is electrically erasable. 

11. The communication device according to claim 
8 wherein said controlling means comprises another 
electrically programmable array logic device. 

12. The communication device according to claim 
8 further comprising common digital address and data 
buses coupled to said array logic device, memory device 
and said controlling means, said address and data buses 
each having a communication port that allows said array 
logic device, memory device, and controlling means to be 
programmed by an external programming device to execute 

15 the cipher algorithm. 

13 . The communication device according to claim 
11 further comprising common digital address and data 
buses coupled to said one array logic device, another 
array logic device, memory device and said controlling 
means, said address and data buses each having a 
communication port that allows said one array logic 
device, another array logic device, memory device, and 
controlling means to be programmed by an external 
programming device to execute the cipher algorithm. 

14. The communication device according to claim 
8 wherein said controlling means does not include a 
microprocessor. 

15. The communication device according to claim 
8 in which said device comprises a two-way wireless radio 
transceiver including a receiver which receives said 
encrypted signals and a transmitter which transmits said 
modulated signals. 
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16- A method for manufacturing a communication 
device which includes a cryptographic apparatus 
comprising the steps of: 

installing said cryptographic apparatus in said 
5 communication device, said cryptographic apparatus not 
including at the time of installation the cipher 
algorithm to be used; 

loading said cryptographic apparatus with a test 
algorithm that allows it to be tested; 
iO testing said communication device and cryptographic 

apparatus for proper operation; and 

following said installation and testing, erasing the 
test algorithm and electronically redefining the 
interconnection of logic gates within said cryptographic 
15 apparatus to perform a Boolean algebraic function that 
forms part of the cipher algorithm to be used, whereby 
the communication device and cryptographic apparatus do 
not substantially compromise the security of the cipher 
algorithm prior to the definition of the Boolean 
20- algebraic function. 



BNBDOCiD: <WO_P907376A1JL> 



wo 89/07375 PCT/US89/00002 



- 14 - 



17. The method according to claim 16 wherein 
said step of erasing comprises electronically erasing the 
test algorithm. 

IS. The method according to claim 16 further 

5 comprising the step of electronically programming an 

erasable, programmable array logic device to include said 
Boolean algebraic function. 

19. The method according to claim 16 further 
comprising the step of loading the cipher algorithm into 

10 said cryptographic apparatus over common digital address 
and data buses contained within the cryptographic 
apparatus, said Boolean algebraic function being 
electronically defined in an erasable, programmable array 
logic device coupled to said buses within said 

15 cryptographic apparatus. 
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